Electronic messaging systems (including, e.g., electronic mail (email) systems, instant messaging systems, text messaging systems, and other such messaging systems) have become ubiquitous in both the commercial and private spheres, and have changed the way businesses and individuals communicate with one another, allowing users to quickly and easily exchange information. For example, an individual can easily send and receive text messages, emails, or the like, using one of any number of computing devices, including personal computing devices (e.g., so-called “smart phones,” tablet devices, and the like), laptop computers, desktop computers, and the like, as well as larger computing systems (e.g., availing themselves of access to server systems, cloud-based systems, and the like). In a business setting, an employee can draft an electronic document, attach that document to an electronic message, and send the message (including the attached document) to other employees, allowing those employees to access the document at their convenience, without having to obtain a physical copy of the document.
As businesses and individuals increase their usage of electronic forms of communication, however, new problems have begun to arise. For example, the increasing use of email, over both the Internet and private networks, increases the exposure of individual users and operations to malicious disruption. One such problem is the possibility of malware attacks by way of such electronic messaging systems. For example, email-borne malware outbreaks have occurred with some frequency, spreading across the globe in a matter of hours, at times. Some degree of protection can be achieved by scanning emails and their attachments for malware while the emails are being conveyed through the network (e.g., the Internet) and/or upon receipt. Typically, the scanning of emails during their transport is done on a centralized basis (e.g., by Internet Service Providers (ISPs) and/or others who operate email gateways). Scanning can also be performed at an end user's machine, upon the receipt of a given email and prior to storage thereof (and ultimately, access thereto by the intended recipient).
However, even with the scanning of emails during transport and upon receipt, there is still a problem with regard to new malware. For example, it is possible for new malware to be released onto the Internet, and begin infecting computers before a new malware definition (containing information allowing identification of the new malware) can be promulgated. In such a scenario, a given email message may contain the new malware, which would then go undetected as the given email message (and new malware) was conveyed to the intended recipient, regardless of having been scanned during transport and upon receipt (as a result of the (old) malware definition being used). Thus, there exists a window of vulnerability in such messaging systems, in which the period of time between when the last malware definition was made available, and a new such malware definition is made available. In such scenarios, then, messaging systems lack protection from new malware introduced during such periods. Thus, even leaving aside the question of how a new virus might first be detected, and whether or not the given message was scanned during transport or receipt with a given malware definition, there remains the need for functionality that protects messaging systems in such situations.